Linux core development team website hacked

Source: Internet
Author: User
On June 23, September 3, the Linux core development team published a message on the official website, indicating that the team found a hacker intrusion in 828. The hacker obtained the highest website permission root and embedded a Trojan. The Linux core development team suspected that hackers had stolen the authentication and entered the system, and then used the rootkit tool to obtain the root permission. However, it is still unclear about the method.

September 3 message: the Linux core development team posted a message on the official website,

It indicates that the team found a hacker intrusion in 8/28. The hacker obtained the highest website permission root and embedded a Trojan.

The Linux core development team suspected that hackers had stolen the authentication and entered the system. Then, they used the rootkit tool to obtain the root permission,

However, we still have no idea about the method so far. After hacker intrusion, modify the related settings after SSH connection, and embed a piece of wood

The trojan program is sent to the system boot Startup Program.

The team found that there was a problem with Linux core version 3.1-RC2, but it was not sure that it was related to intrusion. They have requested

The 448-bit Linux core system developer changes the password and SSH link encryption key, and notifies us and European law enforcement agencies.

The Linux core team reinstalls new servers and reviews website information security policies one by one to avoid repeated incidents.

In terms of the original code of the Linux core program, Linux founder Linus Torvalds invented a GIT version management system,

More than 40 thousand files of the core program have corresponding encrypted SHA-1 hash function values. When someone changes the program code after the official release,

It is easy to be found because the SHA-1 hash function value does not match. However, not all users use GIT to obtain the original code.

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.